Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.
CVSS Information
N/A
Vulnerability Type
不正确的类型转换
Vulnerability Title
Sourceforge mbsync 代码问题漏洞
Vulnerability Description
Sourceforge mbsync是美国Sourceforge社区的一个应用软件。提供同步远程IMAP邮箱和本地maildir样式的邮箱 Sourceforge mbsync 中存在代码问题漏洞,该漏洞源于在处理来自恶意服务器的意外APPENDUID响应时出现边界错误并触发内存损坏可在系统上执行任意代码。远程攻击者可利用该漏洞可以向客户机发送响应。以下产品及版本受到影响: Isync stretch 1.2.1-2,buster 1.3.0-2,bullseye 1.3.0-2.2,sid 1.3.0-
CVSS Information
N/A
Vulnerability Type
N/A